Security Operations Center Analyst

Solutionssavyusa is looking for seeking enthusiastic and motivated SOC (Security Operations Center) Analysts to provide Managed Security Services for our valued customers operating all over the world. This is an experienced SOC level 1/2 opportunity for a rewarding career in the rapidly growing Information Security industry. This position consists of monitoring real-time event data from our customers, keeping abreast of intelligence from the IT security community or other industry sources and operating in a 24/7/365 manner. This will involve working in rotating shifts and covering business and non-business hours.

SOC analysts are the first to respond to cyber security incidents. They report on cyber threats and implement any changes needed to protect the organization.

Job duties of SOC analysts include:

• Triage and perform incident response
• Analysis and response to previously unknown hardware and software vulnerabilities.
• Ability to review the alerts and eliminate false positives
• Ensuring the availability of security systems
• Investigating, documenting, and reporting on any information security (InfoSec) issues as well as emerging trends.
• Escalate key issues of interest
• Threat and vulnerability analysis.

Qualifications

• Deep understanding of SIEM solution
• Ability to demonstrate foundational knowledge of IP networking, Routing & Switching, System Administration, and Information Security
• Relevant training in System Administration, Networking, and/or Security. Certifications preferred for the equivalent of CompTIA Security+ and Network+
• Hands-on experience in use case creation
• Bachelor’s degree & 2 to 4 years of SOC Analyst experience
• Current FW experience/certifications would be a distinct advantage

Desired Skills

• Ability to run vulnerability scans on the infrastructure
• Deep understanding of SIEM architecture
• Strong working experience with managed security services providers like Dell Secure Works / Arctic Wolf
• Work experience in integrating logs from Vulnerability management solutions and Cloud
• Strong understanding of MITRE attack patterns, TTPs, Different logging formats, Threat Intelligence analysis
• Python / other scripting language is desired
• The ability to work with tools like DLP, Endpoint Security Solutions, Firewalls, IDS/IPS, and Proxies is preferred
• Understand various attack patterns and create use cases on an on-demand basis